dev server fixes for export with CSP

pull/1/head
ansuz 3 years ago
parent 84757e8d88
commit 0d31deb3fc

@ -80,7 +80,7 @@ var setHeaders = (function () {
if (typeof(config.padContentSecurity) === 'string') { if (typeof(config.padContentSecurity) === 'string') {
padHeaders['Content-Security-Policy'] = config.padContentSecurity; padHeaders['Content-Security-Policy'] = config.padContentSecurity;
} else { } else {
padHeaders['Content-Security-Policy'] = Default.padContentSecurity(Env.httpUnsafeOrigin); padHeaders['Content-Security-Policy'] = Default.padContentSecurity(Env.httpUnsafeOrigin, Env.httpSafeOrigin);
} }
if (Object.keys(headers).length) { if (Object.keys(headers).length) {
return function (req, res) { return function (req, res) {
@ -110,6 +110,7 @@ var setHeaders = (function () {
const h = [ const h = [
/^\/common\/onlyoffice\/.*\/index\.html.*/, /^\/common\/onlyoffice\/.*\/index\.html.*/,
/^\/(sheet|presentation|doc)\/inner\.html.*/, /^\/(sheet|presentation|doc)\/inner\.html.*/,
/^\/unsafeiframe\/inner\.html.*$/,
].some((regex) => { ].some((regex) => {
return regex.test(req.url); return regex.test(req.url);
}) ? padHeaders : headers; }) ? padHeaders : headers;

Loading…
Cancel
Save